Article ID: 161372
Article Last Modified on 10/26/2007
APPLIES TO
- Microsoft Windows NT Workstation 4.0 Developer Edition
- Microsoft Windows NT 4.0 Service Pack 3
This article was previously published under Q161372
Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:
256986 Description of the Microsoft Windows registry
SUMMARY
This article explains how to enable SMB signing.
MORE INFORMATION
Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
Windows NT 4.0 Service Pack 3 provides an updated version of the Server Message Block (SMB) authentication protocol, also known as the Common Internet File System (CIFS) file sharing protocol. For more information on SMB signing, please see the Windows NT 4.0 Service Pack 3 Readme.txt file.
Perform the following steps to configure SMB signing on a server:
- Run Registry Editor (Regedt32.exe).
- From the HKEY_LOCAL_MACHINE subtree, go to the following key:
System\CurrentControlSet\Services\LanManServer\Paramete
- Click Add Value on the Edit menu.
Add the following two values:
Value Name: EnableSecuritySignature Data Type: REG_DWORD Data: 0 (disable), 1 (enable) NOTE: The default is 0 (disable) Name: RequireSecuritySignature Type: REG_DWORD Value: 0 (disable), 1 (enable) NOTE: The default is 0 (disable)
- Click OK and then quit Registry Editor.
- Shut down and restart Windows NT.
Perform the following steps to configure SMB signing on a workstation:
- Run Registry Editor (Regedt32.exe).
- From the HKEY_LOCAL_MACHINE subtree, go to the following key:
\System\CurrentControlSet\Services\Rdr\Paramete
- Click Add Value on the Edit menu.
Add the following two values:
Value Name: EnableSecuritySignature Data Type: REG_DWORD Data: 0 (disable), 1 (enable) NOTE: The default is 1 (enable) Name: RequireSecuritySignature Type: REG_DWORD Value: 0 (disable), 1 (enable) NOTE: The default is 0 (disable)
- Click OK and then quit Registry Editor.
- Shut down and restart Windows NT.
Although the use of SMB signing causes slower network performance, we recommend its use in any environment where hostile network activity might occur. (SMB signing slows network performance from 10 to 15 percent, on average.) The performance decrease is caused by the requirement to digitally sign and verify each packet that is transmitted on the network.
Additional query words: 4.00 sp3
Keywords: kbproductlink kbenv kbhowto kbnetwork KB161372